Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 152 - April, 2013 (2nd Edition) - Page 5

NatWest 'Inadequate Security Enrollment' Phishing Scam

Issue 152 Start Menu

Previous Article            Next Article

Email purporting to be from UK bank NatWest, claims that the recipient's online banking has been disabled due to "Inadequate security enrollment" or a login error. The recipient is instructed to click a link to login to reactive the account.

Phishing Website

© Yu

Brief Analysis
The email is not from Natwest. The message is a phishing scam designed to trick recipients into submitting their personal and financial information to cybercriminals. The link opens a fake website made to look like a genuine Natwest web page.

Bookmark and Share

Dear NatWest Customer,

Personal details of your NatWest account has
encountered an error which made your online
banking disabled.

The cause may be:

* Inadequate security enrollment
* Your account has been logged in from a different location
* Invalid attempt login

As a bank we strongly recommend you to re-activate your account
by clicking on the link below and follow the required steps

Click here to Sign in

Yours sincerely
National Westminster Bank

Natwest Phishing Scam Email

Detailed Analysis
According to this email, which purports to be from UK based bank NatWest, the recipient's online banking access has been disabled due to "inadequate security enrollment" or an issue with previous login attempts. Recipients are asked to click a link and follow the required steps to reactivate the account. The email includes a NatWest logo and appears to have been sent from a legitimate NatWest email address.

However, the message is not from NatWest. It is a typical phishing scam designed to trick NatWest customers into divulging their account login details and other personal and financial information to Internet fraudsters.

Those who succumb to the ruse and click the link as instructed will first be taken to a fake NatWest login page and asked to login. After they have clicked the login button, they will be taken to a second bogus form that asks them to input further information about their account, including passwords, debit card numbers and ATM PINS. When they have supplied these details, they will be taken to yet another bogus form that asks for their credit card details and further personal information.

After filling in the final form, they will then be automatically redirected to the real NatWest website. Content in the false belief that they have successfully overcome the supposed issue and restored access to their accounts, victims are unlikely to realize until far too late that they have been phished.

Meanwhile, the criminals responsible for the phishing scam can collect the stolen account data, use it to hijack the compromised NatWest accounts, and go on to commit credit card fraud and identity theft.

The scammers have used email address spoofing to make it seem that messages were really sent by NatWest. They also use graphics and formatting stolen from the genuine NatWest website to make their bogus emails and web pages look more authentic.

Your bank will never send you an unsolicited email that asks you to click a link or open an attached file to restore account access or update details. Phishing is a very common scam that finds new victims all around the world every day. It is always safest to login to your online accounts by entering the account address into your browser's address bar rather than by clicking a link in an email.

Toggle To View Fake Website Screenshots

Fake NatWest Login Page

Fake Natwest Login Page

NatWest Phishing Fake Form 1

Fake Natwest Account Details Form

Fake Natwest Personal Info Form

Fake Natwest Credit Card and Personal Information Form

Bookmark and Share

Last updated: April 11, 2013
First published: April 11, 2013
By Brett M. Christensen
About Hoax-Slayer

Phishing Scams - Anti-Phishing Information

Previous Article            Next Article

Issue 152 Start Menu

Pages in this issue:
  1. Burundanga Business Card Drug Warning
  2. William's Story - Stranded Friend Begging Message Scam
  3. Misleading and Inaccurate Diatribe - 'Toning Down' Anzac Day 2015
  4. 'Rarest Meteor Shower' - April 22, 2013
  5. NatWest 'Inadequate Security Enrollment' Phishing Scam
  6. Hoax - Indian Woman Gives Birth to Eleven Babies at Once
  7. False Claim - Muslims can Avoid Paying Bedroom Tax by Designating One Bedroom as a Prayer Room
  8. Optional Facebook Trial Allows Users to Pay to Send Messages to Non-Friend Inboxes
  9. False Claim - Anzac Day Badges Banned at Mt. Warren Park Shopping Centre
  10. The Bogus Tale of The British Flag Lapel Pin and the Rude Muslim Woman in the Checkout Queue
  11. Satire - Message Claims Parents Put Daughter Up For Adoption Because She is Gay
  12. Vladimir Putin's Supposed Speech to the Duma on Minorities and Sharia Law
  13. 'Warning Code: 11XXTT8765' Email Phishing Scam
  14. 'Your PayPal Account Was Deleted' Phishing Scam
  15. Facebook 'Name and Shame Baby Beater' Message
  16. 'Like' and 'Share' Harvesting Hoax - Boy Beaten for Liking One Direction
  17. Robin Williams 'Perfect Plan' For Peace Speech
  18. Bogus Facebook Message Claims Fake RSPCA Workers Trying to Steal Dogs in Coxhoe